Debian 3.1: DSA 922-1 Critical Kernel Remote Execution Issues
debian
December 14, 2005
Updated package.
Topics Covered
Summary
A race condition in the sysfs filesystem allows local users to
read kernel memory and cause a denial of service (crash).
CVE-2005-0756
Alexander Nyberg discovered that the ptrace() system call does not
properly verify addresses on the amd64 architecture which can be
exploited by a local attacker to crash the kernel.
CVE-2005-0757
A problem in the offset handling in the xattr file system code for
ext3 has been discovered that may allow users on 64-bit systems
that have access to an ext3 filesystem with extended attributes to
cause the kernel to crash.
CVE-2005-1265
Chris Wright discovered that the mmap() function could create
illegal memory maps that could be exploited by a local user to
crash the kernel or potentially execute arbitrary code.
CVE-2005-1761
A vulnerability on the IA-64 architecture can lead local attackers
to overwrite kernel memory and crash the kernel.
CVE-2005-1762
A vulnerability has been disc...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!